pippinfandomcom-20200213-history
Pippin authentication
Pippin authentication (sometimes called “'authentification'”) uses a RSA cryptosystem in which only CD-ROMs that have been "authenticated" can be run by Pippin consoles.Technical Notes: Pippin Authentication, version 003 (PDF), Apple Computer. 1996-05-10. Developer submission process A software candidate was submitted by the developer to Apple Computer or one of its licensees, such as Bandai or Katz Media for official approval. Once approved, the contents of the CD-ROM were "digested" through a combination of an MD5 hashing algorithm with a RSA digital signature into a "PippinAuthenticationFile" to be included on the published disc. The private key that generated it was maintained in a "safe" computer at Apple.Exploring the Pippin ROM(s), part 7: A lot to digest by Keith Kaisershot, Blitter.net. 2019-05-04. The developer paid an "Authentication Handling Charge" (AHC) to Bandai, which was shared with Apple, to cover the cost of authentication processing at the disc "Stamping House". Developers of launch titles were incentivized by having this fee 100% discounted for the first year.Pippin Developer Newsletter No. 3-1 (Japanese), Atmark Channel. 1995-10-25. Archived 1998-05-08. Disc authentication process Standard consumer Pippin Atmark and @WORLD consoles contain a revision 1.0 or 1.2 ROM that authenticates the boot CD-ROM upon startup.Exploring the Pippin ROM(s) by Keith Kaisershot, Blitter.net. 2018-06-07. A routine stored in 'rvpr' resource ID 0 is loaded from the Pippin ROM and makes nine Macintosh Toolbox calls.Exploring the Pippin ROM(s), part 6: Back in the ‘rvpr’ by Keith Kaisershot, Blitter.net. 2019-02-17.It took some massaging, but as of this evening EASy68K assembles a binary identical to the original 'rvpr' 0 resource. by Keith Kaisershot, Twitter. 2019-04-20. It looks for the invisible "PippinAuthenticationFile" in the root directory of the boot volume of the CD-ROM and verifies its RSA digital signature with a public key included in the Pippin ROM. Then the first 128KB of the boot volume is read, followed by spot-checks of 128KB chunks from five random locations within the volume. The data from those six locations are "digested" through the MD5 hashing algorithm,The Pippin's 360-bit RSA public key by Keith Kaisershot, Twitter. 2019-04-29. which reverses the byte order of each longword.Pretty sure I found a major component of the code that generates digests of variable-sized chunks of data. by Keith Kaisershot, Twitter. 2019-04-21. The hashed values are compared against corresponding portions of the complete digest of the entire CD-ROM contained in "PippinAuthenticationFile". A failure at any stage would cause the Pippin console to eject the disc before completing the boot process. The first 128KB chunk to be checked also contains the Master Directory Block of the CD-ROM. This step appears to be intended to defeat conventional attempts to modify the disc's contents after it has been authenticated by Apple. Data integrity is checked during the process and any memory used is zeroed out once authentication is complete.The Pippin authentication process makes a *lot* of integrity checks along the way, by Keith Kaisershot, Twitter. 2019-04-27. This does not prevent backup copies from being made, as an exact duplicate of a disc with a valid "PippinAuthenticationFile" will boot normally under most circumstances.Les ROMs de la Pippin (French) by Pierre Dandumont, Le Journal du Lapin. 2016-07-02.Un lecteur CD plus rapide dans la Pippin (avec la ROM 1.3) (French) by Pierre Dandumont, Le Journal du Lapin. 2016-10-22. Bypassing authentication was used to bypass authentication.]] Pippin prototypes with pre-release developer ROMs do not contain a 'rvpr' resource, thus do not check to authenticate CD-ROMs.Demystifying the Bandai Pippin Developer Dongle, Peter Wong. 2010-04-29.Dongle Rumor by Kankoba, Maison PiPPiN. Archived 2009-08-05. Consoles with revision 1.2 ROMs contain a 'dong' resource ID 128 which checks for a developer dongle.1.2 Pippins, in addition to loading a 'rvpr' resource with ID 0, also load a 'dong' resource with ID 128., by Keith Kaisershot, Twitter. 2019-05-27. The presence of such a dongle will cause the console to skip the 'rvpr' authentication process, allowing non-authenticated CD-ROMs or external drives to load.Did you know: Apple provided ADB dongles to Pippin developers that allowed them to bypass the security check at startup., by Keith Kaisershot, Twitter. 2019-05-27. revision 1.3]] Revision 1.3 ROMs in the Katz Media Player 2000 contain the 'rvpr' resource, but do not perform the authentication check. However, revision 1.3 ROMs do not support booting from drives other than the internal optical drive at SCSI ID #3.Hacking the Pippin by Phil Beesley, Vintage Macintosh. 2007-10-22. Archived 2017-08-17.Useful Notes / Pippin, TV Tropes. Accessed 2017-04-12. A developer dongle would allow a KMP 2000 to boot from an external drive.Katz Media Begins Shipping Pippins in Europe, Katz Media SARL. 1997-03-17. Archived 1997-07-17. A boot disc called Pippin Kickstart can circumvent authentication and allow an unsigned or external SCSI volume to boot.Exploring the Pippin ROM(s), part 9: Kickstart by Keith Kaisershot, Blitter.net. 2019-07-01. The disc image was first released on June 30, 2019.Let today be known as when I instantly and radically diminished the utility value of any "rare" Pippin authentication dongles still clung to by collectors. #SorryNotSorry :D by Keith Kaisershot, Twitter. 2019-06-30. RSA keys The RSA public-key used to verify authenticated Pippin titles is 360-bits long and can be found in the ROMs of consumer Pippin consoles:The Pippin's 360-bit RSA public key by Keith Kaisershot, Twitter. 2019-04-29. E0E0275CAB60C886A3FAC298217954A89FD1B9DC8ABA84EFB1E7C9E21BF7DDD7DCF0E44ABB79510E7CEB80B11D Apple's private key to sign the PippinAuthenticationFile was discovered in May 2019: 011CD3ADE7998667D6E9E21711DBEC3307B60E4D6D032620775DDB9B3B64CF22B20E4AF32F0740EEB06F85F2A01D References See also *CD-ROM: Pippinized CD-ROMs *Mac OS: Pippin OS *Category:Unauthenticated Pippin titles External links *Cloning the Pippin Flash ROM board at 68k Macintosh Liberation Army *Exploring the Pippin ROM(s), part 2, 3, 4, 5 at Blitter.net (2018-06-10 ~ 09-24) *La Pippin bientôt hackée ? at Le Journal du Lapin (French, 2019-02-24) Category:Technology